[mvt] RFR: add access check to ValueType method handle generation
paul.sandoz at oracle.com
Tue Jun 6 16:35:38 UTC 2017
> On 6 Jun 2017, at 08:01, Maurizio Cimadamore <maurizio.cimadamore at oracle.com> wrote:
> Whoops - here's the webrev link
> On 06/06/17 16:01, Maurizio Cimadamore wrote:
>> this patch addresses an issue that was recently discovered during some internal testing. The culprit is that no access check is performed when generating bytecode for ValueType.findGetter and ValueType.findWither and, as a result it is possible to get your hand on a method handle that refers to inaccessible fields - execution will then fail with a more obscure error message when the class containing the synthetic MH bytecode is loaded/executed.
>> The solution is to add an explicit Lookup parameter to these routines, to make sure that access checking is always performed before returning the (possibly cached) method handle.
>> Note that the accessCheck could in principle apply to substitutabilityTest and substitutabilityHashCode, but we have decided to let these two pass for now (by using a sufficiently privileged lookup object to load the MH code).
More information about the valhalla-dev